<?php 
$changePasswordErrors = array();


if($user->isLogged()) {
	if(isset($_REQUEST['updatepassword'])) {
		
		if(!$user->validateField("password", $_POST['old_password'])) {
			$changePasswordErrors['old_password'] = "Inserisci la vecchia password!";
		}else{
			if(!$user->validateField("old_password", md5($_POST['old_password']))) {
				$changePasswordErrors['old_password'] = "La vecchia password non corrisponde";
			}
		}			
		if(!$user->validateField("password", $_POST['new_password'])) {
			$changePasswordErrors['new_password'] = "Inserisci la nuova password!";
		} else {
			if($_POST['renew_password'] != $_POST['new_password'] OR !$user->validateField("password", $_POST['renew_password'])) {
				$changePasswordErrors['new_password'] = "Le due password non corrispondono!";
			} else {
				$user->new_password = md5($_POST['new_password']);
			}
		}
	}

}

if(isset($_REQUEST['updatepassword']) && count($changePasswordErrors)==0) {
	$changePasswordSuccess = null;
	$resultUpgrade = $user->updatePassword();
	if($resultUpgrade){
		$changePasswordSuccess = "Password cambiata con successo!";
	}
}
	
?>
<h3 style="width:69%">Cambia password</h3>
	<form action="#" method="POST">
		<table>
			<tr>
				<td>Vecchia password: </td>
				<td><input type="password" value="" name="old_password"/></td>
			</tr>
			<tr>
				<td>Nuova password: </td>
				<td><input type="password" value="" name="new_password"/></td>
			</tr>
			<tr>
				<td>Reinserire nuova password: </td>
				<td><input type="password" value="" name="renew_password"/></td>
			</tr>
			<tr>
				<td></td>
				<td><input type="submit" id="updatepassword" value="Cambia password" name="updatepassword"/></td>
			</tr>
		</table>
	</form>
	
	<?php 
	if(isset($changePasswordErrors['old_password']) || isset($changePasswordErrors['new_password'])){
		echo '<div id="errorChangePassword">';
			if(isset($changePasswordErrors['old_password'])){ 
				echo '<p>' . $changePasswordErrors['old_password'] . '</p>'; 
			}
			if(isset($changePasswordErrors['new_password'])){ 
				echo '<p>' . $changePasswordErrors['new_password'] . '</p>'; 
			}
			if(isset($changePasswordSuccess['success'])){ 
				echo '<p>' . $changePasswordSuccess['success'] . '</p>'; 
			}
		echo '</div>';
	}
	
	if(isset($changePasswordSuccess)){
		echo '<div id="successChangePassword">';
			echo '<p>Password cambiata con successo!</p>'; 
		echo '</div>';
	}
	
?>